From dc9271ef25cd6e99b906bf6dd0fe8c409f1d00a1 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 3 Mar 2003 17:31:22 +0000 Subject: Update to Sendmail 8.12.8; fixes a buffer overflow in the envelope comments processing which may allow an attacker to gain root privileges. --- gnu/usr.sbin/sendmail/libmilter/comm.c | 30 ++++------ .../sendmail/libmilter/docs/smfi_setreply.html | 3 +- gnu/usr.sbin/sendmail/libmilter/handler.c | 4 +- gnu/usr.sbin/sendmail/libmilter/libmilter.h | 70 +++++++++++++++++++++- gnu/usr.sbin/sendmail/libmilter/listener.c | 24 ++++---- gnu/usr.sbin/sendmail/libmilter/main.c | 4 +- 6 files changed, 98 insertions(+), 37 deletions(-) (limited to 'gnu/usr.sbin/sendmail/libmilter') diff --git a/gnu/usr.sbin/sendmail/libmilter/comm.c b/gnu/usr.sbin/sendmail/libmilter/comm.c index d73541e91ec..be3d76e18f1 100644 --- a/gnu/usr.sbin/sendmail/libmilter/comm.c +++ b/gnu/usr.sbin/sendmail/libmilter/comm.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,16 +9,11 @@ */ #include -SM_RCSID("@(#)$Sendmail: comm.c,v 8.54.2.4 2002/12/03 17:32:45 ca Exp $") +SM_RCSID("@(#)$Sendmail: comm.c,v 8.54.2.6 2003/01/03 22:14:40 ca Exp $") #include "libmilter.h" #include -#define FD_Z FD_ZERO(&readset); \ - FD_SET((unsigned int) sd, &readset); \ - FD_ZERO(&excset); \ - FD_SET((unsigned int) sd, &excset) - /* ** MI_RD_CMD -- read a command ** @@ -46,7 +41,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) ssize_t len; mi_int32 expl; ssize_t i; - fd_set readset, excset; + FD_RD_VAR(rds, excs); int ret; int save_errno; char *buf; @@ -58,8 +53,8 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) i = 0; for (;;) { - FD_Z; - ret = select(sd + 1, &readset, NULL, &excset, timeout); + FD_RD_INIT(sd, rds, excs); + ret = FD_RD_READY(sd, rds, excs, timeout); if (ret == 0) break; else if (ret < 0) 
@@ -68,7 +63,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) continue; break; } - if (FD_ISSET(sd, &excset)) + if (FD_IS_RD_EXC(sd, rds, excs)) { *cmd = SMFIC_SELECT; return NULL; @@ -131,8 +126,8 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) i = 0; for (;;) { - FD_Z; - ret = select(sd + 1, &readset, NULL, &excset, timeout); + FD_RD_INIT(sd, rds, excs); + ret = FD_RD_READY(sd, rds, excs, timeout); if (ret == 0) break; else if (ret < 0) @@ -141,7 +136,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) continue; break; } - if (FD_ISSET(sd, &excset)) + if (FD_IS_RD_EXC(sd, rds, excs)) { *cmd = SMFIC_SELECT; free(buf); @@ -223,9 +218,8 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name) #define MI_WR(data) \ while (sl > 0) \ { \ - FD_ZERO(&wrtset); \ - FD_SET((unsigned int) sd, &wrtset); \ - ret = select(sd + 1, NULL, &wrtset, NULL, timeout); \ + FD_WR_INIT(sd, wrs); \ + ret = FD_WR_READY(sd, wrs, timeout); \ if (ret == 0) \ return MI_FAILURE; \ if (ret < 0) \ @@ -259,7 +253,7 @@ mi_wr_cmd(sd, timeout, cmd, buf, len) ssize_t l; mi_int32 nl; int ret; - fd_set wrtset; + FD_WR_VAR(wrs); char data[MILTER_LEN_BYTES + 1]; if (len > MILTER_CHUNK_SIZE) diff --git a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html index 29cbbf8dff3..73852f21c4d 100644 --- a/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html +++ b/gnu/usr.sbin/sendmail/libmilter/docs/smfi_setreply.html @@ -23,7 +23,8 @@ Set the default SMTP error reply code. - + diff --git a/gnu/usr.sbin/sendmail/libmilter/handler.c b/gnu/usr.sbin/sendmail/libmilter/handler.c index edb666603d4..7592781b02e 100644 --- a/gnu/usr.sbin/sendmail/libmilter/handler.c +++ b/gnu/usr.sbin/sendmail/libmilter/handler.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set 
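Review bot: The `FD_IS_RD_EXC(sd, rds, excs)` test in mi_rd_cmd no longer means the same thing in both builds: with select() it reads the exception set, while the poll variant in libmilter.h tests `POLLERR | POLLHUP | POLLNVAL`. poll() can report POLLHUP together with POLLIN when the peer has closed after sending, so in the poll build this branch may return SMFIC_SELECT while bytes are still unread; the same applies to the second loop at `@@ -141,7 +136,7 @@`. If that is intended, a comment such as `/* poll: error or hangup takes priority over pending input */` above the test would record it. Otherwise the poll build should consult `FD_IS_RD_RDY(sd, rds, excs)` before treating the wakeup as an exception. mi_rd_cmd continues outside these hunks, so the read that follows is not visible here.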
@@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Sendmail: handler.c,v 8.30.2.2 2002/12/18 23:15:35 ca Exp $") +SM_RCSID("@(#)$Sendmail: handler.c,v 8.30.2.4 2003/01/23 22:28:36 ca Exp $") #include "libmilter.h" diff --git a/gnu/usr.sbin/sendmail/libmilter/libmilter.h b/gnu/usr.sbin/sendmail/libmilter/libmilter.h index 4696d0e56e1..b6eccad6264 100644 --- a/gnu/usr.sbin/sendmail/libmilter/libmilter.h +++ b/gnu/usr.sbin/sendmail/libmilter/libmilter.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -19,7 +19,7 @@ #ifdef _DEFINE # define EXTERN # define INIT(x) = x -SM_IDSTR(MilterlId, "@(#)$Sendmail: libmilter.h,v 8.33.2.7 2002/12/18 23:15:35 ca Exp $") +SM_IDSTR(MilterlId, "@(#)$Sendmail: libmilter.h,v 8.33.2.9 2003/01/03 22:14:40 ca Exp $") #else /* _DEFINE */ # define EXTERN extern # define INIT(x) 
@@ -49,6 +49,72 @@ typedef pthread_mutex_t smutex_t; # define smutex_unlock(mp) (pthread_mutex_unlock(mp) == 0) # define smutex_trylock(mp) (pthread_mutex_trylock(mp) == 0) +#if _FFR_USE_POLL + +# include +# define MI_POLLSELECT "poll" + +# define MI_POLL_RD_FLAGS (POLLIN | POLLPRI) +# define MI_POLL_WR_FLAGS (POLLOUT) +# define MI_MS(timeout) (((timeout)->tv_sec * 1000) + (timeout)->tv_usec) + +# define FD_RD_VAR(rds, excs) struct pollfd rds +# define FD_WR_VAR(wrs) struct pollfd wrs + +# define FD_RD_INIT(sd, rds, excs) \ + (rds).fd = (sd); \ + (rds).events = MI_POLL_RD_FLAGS; \ + (rds).revents = 0 + +# define FD_WR_INIT(sd, wrs) \ + (wrs).fd = (sd); \ + (wrs).events = MI_POLL_WR_FLAGS; \ + (wrs).revents = 0 + +# define FD_IS_RD_EXC(sd, rds, excs) \ + (((rds).revents & (POLLERR | POLLHUP | POLLNVAL)) != 0) + +# define FD_IS_WR_RDY(sd, wrs) \ + (((wrs).revents & MI_POLL_WR_FLAGS) != 0) + +# define FD_IS_RD_RDY(sd, rds, excs) \ + (((rds).revents & MI_POLL_RD_FLAGS) != 0) + +# define FD_WR_READY(sd, excs, timeout) \ + poll(&(wrs), 1, MI_MS(timeout)) + +# define FD_RD_READY(sd, rds, excs, timeout) \ + poll(&(rds), 1, MI_MS(timeout)) + +#else /* _FFR_USE_POLL */ + +# include +# define MI_POLLSELECT "select" + +# define FD_RD_VAR(rds, excs) fd_set rds, excs +# define FD_WR_VAR(wrs) fd_set wrs + +# define FD_RD_INIT(sd, rds, excs) \ + FD_ZERO(&(rds)); \ + FD_SET((unsigned int) (sd), &(rds)); \ + FD_ZERO(&(excs)); \ + FD_SET((unsigned int) (sd), &(excs)) + +# define FD_WR_INIT(sd, wrs) \ + FD_ZERO(&(wrs)); \ + FD_SET((unsigned int) (sd), &(wrs)); \ + +# define FD_IS_RD_EXC(sd, rds, excs) FD_ISSET(sd, &(excs)) +# define FD_IS_WR_RDY(sd, wrs) FD_ISSET((sd), &(wrs)) +# define FD_IS_RD_RDY(sd, rds, excs) FD_ISSET((sd), &(rds)) + +# define FD_WR_READY(sd, wrs, timeout) \ + select((sd) + 1, NULL, &(wrs), NULL, (timeout)) +# define FD_RD_READY(sd, rds, excs, timeout) \ + select((sd) + 1, &(rds), NULL, &(excs), (timeout)) + +#endif /* _FFR_USE_POLL */ + #include /* version info 
*/ diff --git a/gnu/usr.sbin/sendmail/libmilter/listener.c b/gnu/usr.sbin/sendmail/libmilter/listener.c index 587148593e9..472e01718ad 100644 --- a/gnu/usr.sbin/sendmail/libmilter/listener.c +++ b/gnu/usr.sbin/sendmail/libmilter/listener.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set @@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Sendmail: listener.c,v 8.85.2.7 2002/12/10 04:02:25 ca Exp $") +SM_RCSID("@(#)$Sendmail: listener.c,v 8.85.2.9 2003/01/03 22:14:40 ca Exp $") /* ** listener.c -- threaded network listener @@ -17,7 +17,6 @@ SM_RCSID("@(#)$Sendmail: listener.c,v 8.85.2.7 2002/12/10 04:02:25 ca Exp $") #include "libmilter.h" #include -#include # if NETINET || NETINET6 @@ -74,6 +73,7 @@ mi_opensocket(conn, backlog, dbg, smfi) (void) smutex_unlock(&L_Mutex); return MI_FAILURE; } +#if !_FFR_USE_POLL if (!SM_FD_OK_SELECT(listenfd)) { smi_log(SMI_LOG_ERR, "%s: fd %d is larger than FD_SETSIZE %d", @@ -81,6 +81,7 @@ mi_opensocket(conn, backlog, dbg, smfi) (void) smutex_unlock(&L_Mutex); return MI_FAILURE; } +#endif /* !_FFR_USE_POLL */ return MI_SUCCESS; } @@ -669,7 +670,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) _SOCK_ADDR cliaddr; SOCKADDR_LEN_T clilen; SMFICTX_PTR ctx; - fd_set readset, excset; + FD_RD_VAR(rds, excs); struct timeval chktime; if (mi_opensocket(conn, backlog, dbg, smfi) == MI_FAILURE) 
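Review bot: `MI_MS(timeout)` in the `_FFR_USE_POLL` branch adds `tv_usec` to a millisecond value without converting it, so a timeout with a non-zero microsecond part waits far longer than requested; it should read `# define MI_MS(timeout) (((timeout)->tv_sec * 1000) + ((timeout)->tv_usec / 1000))`. The macro also dereferences its argument, whereas select() accepts a NULL timeout to wait indefinitely, so a caller passing NULL (none is visible in this patch) would fault in the poll build. In the same branch `FD_WR_READY(sd, excs, timeout)` names its second parameter `excs` but expands to `poll(&(wrs), 1, MI_MS(timeout))`, which compiles only because the caller's variable happens to be called `wrs`; the parameter should be `wrs`. These waits are what bound how long mi_rd_cmd and MI_WR block on a socket, so the timeout arithmetic deserves to be exact.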
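Review bot: The `#if !_FFR_USE_POLL` guard added around the `SM_FD_OK_SELECT(listenfd)` check in mi_opensocket carries no explanation, and the check it disables is what keeps a descriptor too large for an fd_set away from `FD_SET`. I would add `/* poll() has no FD_SETSIZE limit; this bound is only needed for select() */` above it, and the same above the `connfd` check in mi_listener at `@@ -754,6 +752,7 @@`. Dropping the check is only safe if nothing else in the library still places these descriptors in an fd_set when `_FFR_USE_POLL` is set, which cannot be confirmed from this patch. Both functions extend beyond the hunks shown.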
@@ -687,13 +688,10 @@ mi_listener(conn, dbg, smfi, timeout, backlog) } /* select on interface ports */ - FD_ZERO(&readset); - FD_ZERO(&excset); - FD_SET((unsigned int) listenfd, &readset); - FD_SET((unsigned int) listenfd, &excset); + FD_RD_INIT(listenfd, rds, excs); chktime.tv_sec = MI_CHK_TIME; chktime.tv_usec = 0; - r = select(listenfd + 1, &readset, NULL, &excset, &chktime); + r = FD_RD_READY(listenfd, rds, excs, &chktime); if (r == 0) /* timeout */ { (void) smutex_unlock(&L_Mutex); @@ -718,14 +716,14 @@ mi_listener(conn, dbg, smfi, timeout, backlog) } continue; } - if (!FD_ISSET(listenfd, &readset)) + if (!FD_IS_RD_RDY(listenfd, rds, excs)) { /* some error: just stop for now... */ ret = MI_FAILURE; (void) smutex_unlock(&L_Mutex); smi_log(SMI_LOG_ERR, - "%s: select() returned exception for socket, abort", - smfi->xxfi_name); + "%s: %s() returned exception for socket, abort", + smfi->xxfi_name, MI_POLLSELECT); break; } scnt = 0; /* reset error counter for select() */ @@ -754,6 +752,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) save_errno = EINVAL; } +#if !_FFR_USE_POLL /* check if acceptable for select() */ if (ValidSocket(connfd) && !SM_FD_OK_SELECT(connfd)) { @@ -761,6 +760,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog) connfd = INVALID_SOCKET; save_errno = ERANGE; } +#endif /* !_FFR_USE_POLL */ if (!ValidSocket(connfd)) { diff --git a/gnu/usr.sbin/sendmail/libmilter/main.c b/gnu/usr.sbin/sendmail/libmilter/main.c index 3b2d7285c1c..08930ef888a 100644 --- a/gnu/usr.sbin/sendmail/libmilter/main.c +++ b/gnu/usr.sbin/sendmail/libmilter/main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2002 Sendmail, Inc. and its suppliers. + * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers. * All rights reserved. * * By using this file, you agree to the terms and conditions set 
@@ -9,7 +9,7 @@ */ #include -SM_RCSID("@(#)$Sendmail: main.c,v 8.64.2.8 2002/12/18 23:13:45 ca Exp $") +SM_RCSID("@(#)$Sendmail: main.c,v 8.64.2.10 2003/01/23 22:34:24 ca Exp $") #define _DEFINE 1 #include "libmilter.h" -- cgit v1.2.3
Called Whensmfi_setreply may be called from any of the xxfi_ callbacks.smfi_setreply may be called from any of the xxfi_ callbacks +other than xxfi_connect.
Effects